CNNVD-202601-3044 Information

CNNVD ID

CNNVD-202601-3044

Related CVE

CVE-2026-23522

• CNNVD Published: 2026-01-19

Description (Chinese)

Lobe Chat是LobeHub开源的一个开源、高性能的聊天机器人框架。 Lobe Chat 2.0.0-next.193之前版本存在安全漏洞，该漏洞源于缺少所有权验证，可能导致任意文件删除。

Description (English)

Lobe Chat is an open source, high-performance chat robotic framework for the LobeHub open source. Lobe Chat 2.0.0-next. 193 had a security loophole, which stemmed from a lack of proof of ownership and could lead to the removal of any document.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

LobeHub

Published

2026-01-19

Last Modified

2026-02-24

References

https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6 https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r https://access.redhat.com/security/cve/cve-2026-23522

Patch

https://github.com/lobehub/lobe-chat/releases